3 matches found
CVE-2024-8605
A vulnerability classified as problematic was found in code-projects Inventory Management 1.0. This vulnerability affects unknown code of the file /view/registration.php of the component Registration Form. The manipulation with the input leads to cross site scripting. The attack can be initiated...
CVE-2024-3668
The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.10.17. This is due to the plugin not restricting low privileged users from setting a default role for a registration form. This makes it possible for authenticated...
Rocket.Chat Cross-Site Scripting Vulnerability
Rocket.Chat is an open source built in JavaScript using the Meteor fullstack framework developed by the Web chat server . A cross-site scripting vulnerability exists in the registration form of Rocket.Chat versions prior to 0.66. A remote attacker can exploit this vulnerability to inject arbitrar...